Court Finds FBI's 'Malware' Deployment To Be Perfectly Constitutional

from the well...-the-darkweb-is-like-an-unlit-highway... dept

The US court system has hosted a large number of lively discussions about the tactics used by the FBI in its Playpen child porn investigation. A lot of new ground was broken by the FBI, not all of it good. First, the agency kept a darkweb child porn site running for two weeks after it seized it. It did this to facilitate the distribution of malware designed to uncover information about the computers (and users) accessing the site.

Adding to the mess was the malware itself. The FBI's Network Investigative Technique (NIT) was deployed across the US (and across the globe) via a single warrant signed by a magistrate judge in Virginia. Plenty of courts have declared the FBI's warrant invalid, as the search performed violated Rule 41's jurisdictional limitations. (Those limitations no longer exist, so chalk up a win for the DOJ.) Many have also called the NIT's extraction of IP addresses and device-identifying info a search. But very few judges have seen fit to suppress the evidence obtained, either finding no privacy expectations in IP addresses or granting the FBI "good faith."

At the appellate level, only two Playpen cases have been heard, but both courts returned decisions in favor of the government. The process continues in full force at the lower levels, where the DOJ is still working its way through the dozens of cases springing from its NIT deployment.

In Texas, a federal judge has decided [PDF] against suppressing evidence obtained with the FBI's NIT. But Judge Xavier Rodriguez does so while using a descriptive term the government vehemently disagrees with. [h/t Brad Heath]

In December 2014, the Government became aware of a website named Playpen that contained child pornography. One of the servers for that website was in North Carolina. Ultimately the Government seized that server pursuant to a warrant, relocated the server to Virginia, and assumed the role of administrator. When the Government was unable to identify the identity of the approximate 150,000 members of the website, the Government obtained a warrant on February 20, 2015 to deploy Network Investigative Technique (NIT) malware. The warrant authorized the search for persons located in the Eastern District of Virginia. The malware, however, reached all computers accessing the website, including Defendant Halgren’s computer in San Antonio, Texas.

Through the malware the Government discovered that a user named “Platch” accessed the site, and the Government discovered the IP address associated with “Platch.” Defendant Halgren was the user associated with the IP address.

The FBI has argued its NIT isn't malware, even though it seems to fit the description. It's a payload designed to reveal IP addresses and device info without the target's permission or awareness. If deployed by anyone other than the government, the government would take issue with the exploit's operation and delivery method.

Thus end the things the government won't like in this opinion. The judge goes a route few others have, treating the malware like a tracking device. By casting it as something it really isn't, the judge is able to sustain the warrant's viability. If the NIT is a tracking device, no jurisdictional violations occurred. The tracking device simply "traveled" out of the jurisdiction and that can't possibly be the government's fault.

Magistrate Judges have authority “within the district in which sessions are held by the court that appointed the magistrate judge . . . and elsewhere as authorized by law.” 28 U.S.C. § 636(a). Former Rule 41 that was in effect in 2015 authorized a Magistrate Judge “to issue a warrant to search for and seize a person or property located within the district.” The Former Rule 41 provided “exceptions to this jurisdictional limitation for property moved outside of the jurisdiction, for domestic and international terrorism, for the installation of a tracking device, and for property located outside of a federal district. None of these exceptions [in 2015] expressly allow[ed] a magistrate judge in one jurisdiction to authorize the search of a computer in a different jurisdiction.”

But see United States v. Darby, 190 F. Supp. 3d 520, 536 (E.D. Va. 2016) (“Rule 41(b)(4) allows a magistrate judge to issue a warrant for a tracking device to be installed in the magistrate's district. Once installed, the tracking device may continue to operate even if the object tracked moves outside the district. This is exactly analogous to what the NIT Warrant authorized. Users of Playpen digitally touched down in the Eastern District of Virginia when they logged into the site. When they logged in, the government placed code on their home computers. Then their home computers, which may have been outside of the district, sent information to the government about their location. The magistrate judge did not violate Rule 41(b) in issuing the NIT Warrant.”)

Even if the court would have found the warrant invalid (which it didn't), it still would have allowed the FBI to keep the evidence because the Fourth Amendment doesn't cover IP addresses.

Given that the Defendant’s IP address was required to be disclosed to various third parties and Playpen to access the website, any subjective expectation of privacy the Defendant may have possessed was not objectively reasonable.

And if that wasn't enough, good faith is also granted, so any lack of a valid warrant still wouldn't have resulted in evidence suppression.

The warrant was not void at its issuance. Even if it had been, the Court concludes that the good faith exception would apply and that suppression would not be warranted.”); but see Levin, 186 F. Supp. 3d at 44 (NIT Warrant was issued without jurisdiction and thus was void ab initio and the good-faith exception is inapplicable). This Court disagrees with Levin and the three or four other courts that have ordered suppression. If a judge signed a warrant without the necessary probable cause determination that warrant was akin to being void. But if an officer reasonably relies upon that signing and acts in good faith, Leon holds that the evidence seized should not be suppressed.

This will almost certainly be appealed. There are still plenty of appeals courts left that haven't explored these issues. The first two tries went the government's way, but more eyes on more cases may actually result in a successful suppression effort. The problem is the rules (well, Rule 41 anyway) have changed. Courts may see little value in suppressing evidence the government can now acquire lawfully with last year's Rule 41 changes. The Eighth Circuit Appeals Court came to exactly that conclusion earlier this year.

The thing is, the government should still be deterred from breaking rules they know still exist, even if governing statutes may change in the future. The government hasn't stopped locking up marijuana users and dealers even though legalization in a majority of US states seems inevitable. This standard should be applied to the government by the only entities capable of doing it: the US courts.

Jurisdiction

If warrants can apply world wide, then why were they worried about Russian agents possibly hacking computers in the US? I mean, how do they know that some secret Russian court (like some in the US) didn't issue some secret warrant authorizing it, thus making it perfectly "legitimate"?

Re: Re: Jurisdiction

Governments only suffer from this when its citizenry suffers from this.

America is jam fucking packed with entire groups of...

"My shit don't stink but yours does or politics in a nutshell"

"Saying anything bad about people actively involved in inviting their misfortune is just victim blaming"

"But those other guys are worse, so what I did is excusable so lets ONLY focus on the bigger evil and ignore all the lesser evils"

Just like Obama said, you get the politicians you deserve.

I get a lot less flak when I quote Obama than when I quote Joseph De Maistre... funny that!

Re: Re: Re: Jurisdiction

I think your rather simplistic view of world events is clouding your judgment. You do realize there is a large group of well off individuals who actively engage in creating the mess to which you refer. They do this in order to further their wealth ... at your expense. Do you really think they will give up just because you convinced everyone else to ...... ummm what exactly do you propose - as I did not see anything other than your bitching.

Marijuana is a good example of how the US Government is completely out of touch with the country and is just working for itself. Not to mention the FCC case and many other aspects. This lack of respect for the law is just a symptom of this disconnection. And then they just change the rules when they can to fit what they want, use secret interpretations of the law etc, not what's best for the people. That's when they don't just flat out ignore whatever. What's it called again, when Governments act like this?

Re: Re:

>Why would the US government care about the lowly common people? Where's the money in that?

Where is their food, cars, boats and planes when they own all the money, and lowly people have returned to barter? Money becomes worthless when nobody will accept it in exchange for goods and services.

I'm not seeing the injustice here

I'm not seeing any fundamental issue of injustice in retroactively applying the changes to Rule 41, nor in allowing the admission of this evidence under the Good Faith exception.

In any case, it never made sense to require the authorities to obtain a separate warrant for each judicial district in the US for nationwide operations such as this. Requiring the authorities to file an identical warrant application 94 times because of wholly artificial jurisdictional boundaries did not serve any interest of justice of which I'm aware.

I agree that Rule 41 needs safeguards (that it doesn't have) to prevent magistrate shopping, but the fundamental idea that there should be an ability to obtain a warrant of nationwide validity (since judicial districts are irrelevant to the operation of the Internet) is sound enough.

Re: I'm not seeing the injustice here

I agree that the malware could be referred to and used as a tracker.

However, until the government can prove a valid chain of custody from the subject's computer to the FBI's server with the evidence, all IP addresses and any other information obtained from the suspects' computers should be tossed.

The government refuses to release, for validation of proper forensic handling, the code to the tracker, so the only way we know the suspect did visit the site is the word of an agent. Who's to say the information wasn't tampered with in transit to the FBI's server? What if an agent added the information to the database because of malicious intent? How do we know the malware didn't jump systems accidentally and snag an innocent person?

At least with physical evidence they put the items into sealed bags with signatures, can still be messed with but it's harder without collusion by the police force. From the testimony in court the FBI doesn't encrypt the evidence in transit to the server so who knows if the data is authentic.

Unfortunately the suspects are alleged child pornographers so it's not like society is jumping off the couch to help them.

I'm not seeing the connection

I don't see how your comment squares with what I wrote (or the article.) The warrants were initially declared invalid because of the jurisdictional reach of the warrants under Rule 41; the issues had nothing to do with chain of custody or authentication.

Re: I'm not seeing the connection

I was making the point that despite any shortcomings involving Rule 41, the fact that the judge didn't toss out evidence shows that injustice was still committed against the suspects because the chain of custody was broken while using the malware.

It references the article because the judge likened the malware to a tracking device that the suspect unknowingly took with them after they left the server in North Carolina.

Because the server was in North Carolina I can see why they got a warrant in that area and the only rationale for not tossing the evidence due to Rule 41 violations is that the malware is treated like a homing beacon the suspects are taking with themselves.

... what.

I'm not seeing any fundamental issue of injustice in retroactively applying the changes to Rule 41, nor in allowing the admission of this evidence under the Good Faith exception.

You don't see any problem with doing something that's not allowed under the law, changing the law so that said actions are covered, and then applying the new law retroactively?

As noted by others by that standard pretty much anything goes, because all you need to do is change the law to cover what you did before. Sure it's illegal now, but just get it changed before the lawsuits wrap up and you're golden (assuming the abomination known as 'good faith' doesn't get you out before then).

In any case, it never made sense to require the authorities to obtain a separate warrant for each judicial district in the US for nationwide operations such as this.

Beyond the fact that those pesky 'jurisdictional limits' were clearly in the law before they changed it you mean?

Requiring the authorities to file an identical warrant application 94 times because of wholly artificial jurisdictional boundaries did not serve any interest of justice of which I'm aware.

Yes, such a heavy burden, getting 94 warrants. I mean it's not like we're talking about an operation run by a major government agency, with extensive resources and manpower, and where there is no immediate need for the warrants right now (they ran the site for two weeks remember).

Regarding 'wholly artificial jurisdictional boundaries', you realize that national boundaries fall into that same category? Would you likewise see nothing wrong with a foreign government/agency getting a local warrant and applying it to a system located in the US?

As for 'serving the interests of justice', I'm pretty sure requiring major government agencies to follow the law covers that. 'Justice' is most certainly not served when those tasked with upholding and/or enforcing the law are free to ignore it at whim.

Re: I'm not seeing the injustice here

If a judge only has authority to make rulings or issue orders within a single town, a single county, a single state or a single judicial district -- what authority do their orders or rulings have outside of that area of authority?

Or put another way, if you're doing something perfectly legal in your own home town, do you WANT a judge thousands of miles away to be able to issue an arrest warrant for you, because what you're doing is illegal in a place you've never been to, and possibly even plan to never visit?

Altering the rules after the fact

Under the standard that suppression is unnecessary if the rules later change, what's to stop the government from violating any rule/law that seems inconvenient, then pleading later that they expected the point would be moot before the courts got around to examining it? At best, they get to do as done here and flout the law. At worst, they get a slap on the wrist and lose evidence that they otherwise would not have had anyway, leaving them no worse off than if they had obeyed the law.

Re: Re:

and when it does (not if) escape and attacks, oh say one of the political party type servers or something .. watch out for the inevitable outpouring of righteous indignation levied at those damn nerd hackerz blah blah which will be used to rationalize the spreading of more malware to more innocent victims' machines.

Only You can Prevent Tyranny

The thing is, the government should still be deterred from breaking rules they know still exist, even if governing statutes may change in the future. The government hasn't stopped locking up marijuana users and dealers even though legalization in a majority of US states seems inevitable. This standard should be applied to the government by the only entities capable of doing it: the US courts.

Do not defer to the courts in some unreasonable expectation they will uphold the law while seeking justice.

Most court jesters (ie judges) are completely beholden to the state and thus may not be wholly objective while rendering a decision as it is very difficult to get a person (court jester or not) to understand something if their pay check is dependent on them not understanding. A great majority of court jesters today base their decisions not on upholding the US Constitution but on political expediency du jour.

Expediency leads to tyranny.

This standard should be applied to the government by the only entities capable of doing it: US Citizens.

Those persons in power (ie government) will cede nothing without people demanding change. Anything less will derive the same result: Tyranny.

Re: Re: whoa!

This is no fault of expediency, but instead the fault of the actor who found "expediency" in doing so. What good is a gun if you know not where to aim it?

"You missed one of the key words in my highlighted sentence above: demanding."

And do you suppose that my demands for fair and equitable treatment shall ever be heard? Nay, "what will be heard" is the force of law brought upon those failing to follow it. Pleas fall upon deaf ears. Judge them by the fruits of their labors.

"Do you have a clue as to what you are typing about?"

Apparently far more than you, who chooses to blame ideas instead of the actors.

Court Jesters and Tyranny

Even if the court would have found the warrant invalid (which it didn't), it still would have allowed the FBI to keep the evidence because the Fourth Amendment doesn't cover IP addresses.

Given that the Defendant’s IP address was required to be disclosed to various third parties and Playpen to access the website, any subjective expectation of privacy the Defendant may have possessed was not objectively reasonable.

Let's have a warm round of applause for that specious US (not-so) supreme court derived legal theory of:

Third Party Doctrine

It is light years beyond doubtful that the persons who authored the US Bill of Rights intended for the judiciary (which is supposed to act as a check on the other two branches of government not a rubber stamp) or any other branch of the US government to invent a specious legal theory with zero basis in law in order to make it easier for the US government to circumvent or subvert the US Constitution and thus render the 4th Amendment (et al.) null and void for purely politically expedient motives.

Thank you so much you worthless tax feeding fraction of American turd stains.

Re: Court Jesters and Tyranny

"It is light years beyond doubtful that the persons who authored the US Bill of Rights intended for the judiciary (which is supposed to act as a check on the other two branches of government not a rubber stamp) or any other branch of the US government to invent a specious legal theory with zero basis in law in order to make it easier for the US government to circumvent or subvert the US Constitution and thus render the 4th Amendment (etal) null and void for purely politically expedient motives."

This is why I constantly harp on our attention to Congress... instead of the Presidency.

Congress can strike down this court, or any court for that matter, but they don't! Why? Because your attention is elsewhere and because most people are ignorant of their duty and responsibility as citizens.

about "Good Faith"...

exactly how far does it extend? Because from what I am hearing, an LEO or a group of LEOs could shoot a pregnant mother, cut out her unborn child, and eat it, on like TV, in front of the Supreme Court, Congress, AND the POTUS. Causing riots that would make Ferguson and Rodney King COMBINED look like a Sunday afternoon Church block party. And they STILL would be granted that they did it in "Good Faith".

Re: about "Good Faith"...

Well you see for 'Good Faith' to apply a strenuous and extremely complex test is put in place, where the judge needs to go through the list, carefully considering each factor before coming to a determination.

That test is roughly as follows:

1) Can the police ever do anything wrong?

If 'Yes', move on to #2.

If 'No', 'Good Faith' applies.

2) Do the laws apply to everyone equally, or do those with badges deserve more wiggle room?

If 'Everyone equally', move on to #3.

If 'Those with badges deserve wiggle room', 'Good Faith' applies.

3) Which is more important, upholding the laws or seeing The Bad Guys punished?

If 'Upholding the laws', move on to #4.

If 'Seeing The Bad Guys punished', 'Good Faith' applies.

4) Seriously, the accused is clearly guilty, just look at them! The law isn't meant to protect obvious criminals, is it?

If 'Yes, even them', move on to #5.

If 'No, the law is only meant to protect the innocent', 'Good Faith' applies.

5) Is it really worth tanking a case just because the prosecution/investigators didn't dot all the i's, cross all the t's? All those nitty gritty details (things like 'what the law does and does not say, does and does not allow') aren't that important, are they?

If 'Yes, they really are', do freakin' job, even if it means a guilty person walks free.

First and foremost we have to remember that the content of the site in question is not acceptable and will never be acceptable in the future. It is the reddest of red flags and is the level of contraband that makes meth-dealing biker gangs jealous. Possessing and/or distribution will not only guarantee jail time, it will almost ensure murder at the hands of other prisoners. There is no subject matter more venomous in the entire world.

Okay, good.

Here's the thing, laws will be changed before anyone will give any leeway in this subject. In fact, these laws will be changed almost unanimously every time. No person will ever want to be remotely connected to defending anyone under accusation of these crimes. No senator will raise their hand and say "but what if due process is in fact due here?" because they cannot afford the press feeding frenzy to shortly follow. There are fine lines I tread writing this that may put me on a watch list (not registry, just a watch list) because the nature of this subject.

So don't, even for a nanosecond, expect this to be even thought about by anyone with authority. In fact, I'd wager that the only reason any judges are seeing these appeals is due to obligation and not the expectation of impartial review.

Re: Tough cases

1. A guy who won't reveal his password because it's a 5th amendment violation. He's quite possibly a pedophile, so we have to defend a scumbag's fifth amendment rights.

Accused Scumbag, yet to be proved.

2. We have neo-Nazis trying to get hosting online, and exercise free speech in the streets. So we have to defend scumbags' first amendment rights.

I kind of agree with you on this one, but really it should be the courts that decide that they should be entitled to spread their word, till then it's free speech, just because people don't agree with it doesn't mean it shouldn't be heard, till a court says it's hate speech or such it remains free, that's not to say a company has to provide a platform for them to spread that speech.

3. We have, again, a bunch of pedophiles arrested who were hit with malware that violated their fourth amendment rights. So we have to defend scumbags' fourth amendment rights.

Again, accused scumbags, yet to be proved

I don't think the government could come up with a more perfect trifecta to help it strip away our rights.

And this is why the accused should be afforded all rights regardless on the court of the public, I am sure in either point 1 or 3 everyone that truly is innocent would like to be afforded protections and rights, the simple test is, if you want them protections and/or rights if you were in that position, then you should defend them for anyone else that's accused.

Re: Re: Tough cases

BLM isn't attacking people. BLM is strictly nonviolent, and has multiple times condemned violence in their name. They're not the Panthers who seek to retaliate against violence.

Antifa is violent. Antifa is less interested in sending a message than it is about taking direct action to destroy what it sees as a direct and imminent threat to humanity and to civilization. As such they are determined to gather wherever and whenever Fascism and Racism manifest and destroying those who are involved. They hold the position that the Holocaust and the historical abuses we've seen under fascism and under racist regimes were intolerably horrible, and risking letting them recur is too much of a danger to allow for matters such as due process or freedom of speech.

One would think we could see the difference between the BLM's methods and Antifa's. One would think we could recognize that we want to be able to confront injustice and change society for the better by peaceful protest, rather than by violence.

When enough people can't tell one from the other, it shows that staying peaceful doesn't matter. If petitioning the public isn't recognized, if they're going to get dismissed anyway, it vindicates Antifa's methods over BLM's, because why concern yourself with playing nice when you'll be accused of savagery anyway? Why throw your resources into a petition when the only thing the society understands is its own destruction?

CmmonSns I hope you and yours get it before folks like BLM decide that you never will.

Re: Re: Re: Re: Tough cases

Shame on you for not doing your homework.

BLM is not violent.

There may be BLM associates who are violent the way that sometimes GOP associates bomb abortion clinics or assassinate abortion providing doctors, but BLM actively condemns and discourages violence, much the way the GOP does.

(We'll set aside for now that members of the GOP often endorse -- loudly and proudly -- extra-judicial torture of civilians or drone-striking villages of innocents, which is endorsing violence.)

Re: Tough cases

This is a known weakness of the US bill of rights and how it is enforced: in order for there to be a disincentive to ignoring them, the state gets penalized, specifically by letting horrible people walk.

If it worked, you wouldn't blame the child pornographers and neo-nazis. Rather you would blame the police agencies who fucked up trying to apprehend them.

The problem is now the legal system has decided it's more important to jail horrible people rather than preserve the rights of the public, even when it means spying on the public, allowing corruption to fester and throwing innocent people in jail as well.

Re:

It's a problem where government is basing its decisions on what was best for it at the time instead of on American values (life, liberty, and the pursuit of happiness) with a focus on long term goals. By undermining the liberties of the suspects they are also undermining the rights of everyone else. Sure they nabbed potential pedophiles now but they can't stop the problem long term with crappy police work like this.

Re:

If you enjoy your enslavement stay where you are

If you've had enough and recognize the time to revolt is now keep reading. Revolting doesn't mean violence. Revolts can happen via any number of ways. The Free State Project has been working to gather the 3% who place freedom and liberty above "safety" and "security" theater in one region. This has led to increasing influences for the liberty-respecting population in New Hampshire. The idea of the Free State Project was to start a migration as there would otherwise be no place on earth with enough liberty-minded people to have any real political impact. We're losing the war, but we can win a place to call home. A bastion of hope still exists. But you're not going to get it sitting back and doing nothing. You have to work for it. You have to move to the place where others are moving who think like you.

If you think:

- Nazi-style checkpoints should be illegal and no amount of "danger" (while the argument is flawed anyway even if DUI checkpoints worked well they are immoral, people should not be subject to government and have their rights violated merely because of a potential threat, the police even admit DUI checkpoints are ineffective at catching drunk drivers and almost nobody is caught drinking and driving, but these checkpoints are used to catch people committing MANY other mostly minor violations) is a justifiable excuse to set them up in America the Free State Project needs you.

- If you think this NIT warrant is blatantly unconstitutional the Free State Project needs you.

- If you'd prefer to get on a plane and NOT show any ID, get scanned, etc the Free State Project needs you. Life has risks and sometimes the cost of freedom is a few people will die.

- If you believe in the right to travel for which is supposed to be guaranteed to all and that drivers licenses, vehicle registration, and license plates are a violation of our right to travel (you can access the majority of the country without a motor vehicle) then you need to move to NH.

- If you think there should be no law outside of those which criminalize acts of violence we need you here in NH. ie if you are against copy"right" (depends on government violence to enforce on peaceful people), criminalization of drug possession/distribution/etc we need you here in NH.